Mizaan.

context.

zakat is obligatory charity, and indonesia moves billions of it a year. but the proof that a donation actually reached a recipient is usually a pdf an agency publishes — easy to fabricate, impossible to verify at the level of a single person.

mizaan's premise is that transparency should be a by-product of the workflow, not a report written afterward. if the act of distributing money produces the proof automatically, nobody has to be trusted to write it down honestly.

three signatures.

every donation walks through three signed attestations on solana: the donor commits the gift, the agency's amil assigns it to a named recipient, and the recipient confirms they received it — the last one via an sms magic link, so they need no wallet and no app.

on-chain records hold the immutable, verifiable facts; a postgres layer holds the off-chain metadata and pii that should never touch a public ledger. a public verifier stitches them back together so anyone can trace a gift from a donor's wallet all the way to a recipient's phone.

on-chain facts, off-chain pii.

the architecture splits hard: solana's attestation service stores the immutable signatures and amounts; supabase postgres holds names, notes, and contact details that have no business on a public chain. donors sign with phantom or solflare; recipients and agency staff use privy embedded wallets over email or sms. the verifier joins both at read time so the proof is complete without leaking anyone's identity on-chain.

what shipped.

a working devnet build: a six-step donation flow with zakat calculation, the three-signature attestation chain, an agency distribution console, an sms confirmation flow for recipients, a public verifier, a live activity feed over supabase realtime, and full bahasa indonesia + english localisation. solo, in six weeks.